Fallos del tipo CWE-77
2516 resultadosCVE-2024-7715MEDIUMD-Link DNS-1550-04 photocenter_mgr.cgi sprintf command injectionEPSS 25.1%CVE-2023-31983CRITICALA Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp EPSS 24.9%CVE-2025-31644HIGHAppliance mode BIG-IP iControl REST and tmsh vulnerabilityEPSS 24.7%CVE-2026-3854HIGHRemote code execution via git push option injection in GitHub Enterprise ServerEPSS 24.5%CVE-2018-19949CRITICALIf exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue EPSS 24.4%KEVCVE-2024-4884CRITICALWhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution VulnerabilityEPSS 24.3%CVE-2026-3065MEDIUMHummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injectionEPSS 24.1%CVE-2025-70161CRITICALEDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell commandEPSS 24.1%CVE-2024-39914CRITICAL FOG has a command injection in /fog/management/export.php?filename=EPSS 23.4%CVE-2024-23625CRITICALD-Link DAP-1650 SUBSCRIBE Callback Command Injection VulnerabilityEPSS 22.8%CVE-2024-37186CRITICALAn os command injection vulnerability exists in the adm.cgi set_ledonoff() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially cEPSS 22.8%CVE-2024-8132MEDIUMD-Link DNS-1550-04 HTTP POST Request webdav_mgr.cgi webdav_mgr command injectionEPSS 22.8%CVE-2016-6367HIGHCisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain priEPSS 22.6%KEVCVE-2024-0919HIGHTRENDnet TEW-815DAP POST Request do_setNTP command injectionEPSS 22.5%CVE-2025-52688CRITICALCommand Injection Vulnerability in the OmniAccess Stellar Web Management InterfaceEPSS 22.5%CVE-2021-22899HIGHA command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote coEPSS 22.3%KEVCVE-2024-8129MEDIUMD-Link DNS-1550-04 HTTP POST Request s3.cgi cgi_s3_modify command injectionEPSS 22.2%CVE-2025-53107HIGH@cyanheads/git-mcp-server vulnerable to command injection in several toolsEPSS 22.1%CVE-2025-5441MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 setDeviceURL os command injectionEPSS 21.5%CVE-2025-5442MEDIUMLinksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_pingGatewayByBBS os command injectionEPSS 21.5%